Blizzard Investigating Diablo 3 Hacks

Hackers, the bane of everyone’s existence seem to be at it again. Ever since Diablo 3 released last week the numbers of players that have had their accounts hijacked has grown. Players have had their account broken into and their characters stripped bare or even outright taken over. Blizzard is investigating the situations putting the blame on old fashioned hacking techniques rather than a possibility of a hole in the security of Diablo 3. However, some players have insisted they have been hacked, even though they have a Battle.net Authenticator.

The hacks are just like any other online game, Diablo 3‘s DRM means that even if you are playing single player the game is being played online for everyone. People are finding all their equipment and stash sold off and the gold traded to some other account. Blizzard is offering rollbacks to players with affected characters, but that doesn’t make your gaming experience safe yet and there is still the annoyance and inconvenience that no one should have to deal with.

While Blizzard is keeping an eye on the usual hack vectors–keyloggers, phishing, passwords collected from hacked websites and so on–some unconfirmed reports say that hackers can come into games that are open to the public and get the session ID of the person that open the game and spoof their account to login as that person.

This forum post by community manager Micah ‘Bashiok Whiple shows that Blizzard is not so sure of that being the situation. “We’ve been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person’s account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn’t a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand.”

Regardless, it is in your best interest to do all you can to keep your account secure, by using an actual Authenticator, the free Authenticator mobile act, or the SMS Protect service, as detailed here.

“Historically, the release of a new game–such as a World of Warcraft expansion–will result in an increase in reports of individual account compromises, and that’s exactly what we’re seeing now with Diablo III,” Blizzard said. Let’s hope that’s all it is.

This could also mean big issues when the real money auction house opens up on May 29th, after being delayed. This could cause a lot more problems and people being more concerned with their gear in the game.